Cross-platform data management and integration

ABSTRACT

A method and a system include receiving a request to process a transaction, identifying, by the messaging application, transactional data based on the request, the transactional data corresponding to a user profile associated with the client device in an entity graph, determining a first desensitized data item associated with the user profile being included in the transactional data, providing for display a first user interface of the messaging application including a first user-selectable element corresponding to a completion of the transaction, receiving an indication of user selection of the first user-selectable element, and transmitting the transactional data to a secured processor.

BACKGROUND

Electronic messaging, particularly instant messaging, continues to growglobally in popularity. Users are quickly able to share with one anotherelectronic media content items, including text, electronic images,audio, and video instantly. With the increasing number of users onsocial networking systems, each user also has a growing network ofindividuals that she follows. Therefore, in order to maintain the userengagement on social networking systems, it is paramount that thesystems have the ability to integrate transaction functions into thesystem, to provide a comprehensive social solution for the users toconnect and interact beyond merely exchanging media content items.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

In the drawings, which are not necessarily drawn to scale, like numeralsmay describe similar components in different views. To easily identifythe discussion of any particular element or act, the most significantdigit or digits in a reference number refer to the figure number inwhich that element is first introduced. Some embodiments are illustratedby way of example, and not limitation, in the figures of theaccompanying drawings in which:

FIG. 1 is a diagrammatic representation of a networked environment inwhich the present disclosure may be deployed, in accordance with someexamples.

FIG. 2 is a diagrammatic representation of a messaging system, inaccordance with some examples, that has both client-side and server-sidefunctionality.

FIG. 3 is a diagrammatic representation of a data structure asmaintained in a database, in accordance with some examples.

FIG. 4 is a diagrammatic representation of a message, in accordance withsome examples.

FIG. 5 is a flowchart for an access-limiting process, in accordance withsome examples.

FIG. 6 illustrates a process 600 of completing a transaction in amessaging system in accordance with one embodiment.

FIG. 7 illustrates a process 700 of generating a desensitized data itemin accordance with one embodiment.

FIG. 8 illustrates a user interface 800 displayed on a client device inaccordance with one embodiment.

FIG. 9 illustrates a user interface 900 displayed on a client device inaccordance with one embodiment.

FIG. 10 illustrates a user interface 1000 displayed on a client devicein accordance with one embodiment.

FIG. 11 illustrates a user interface 1100 displayed on a client devicein accordance with one embodiment.

FIG. 12 illustrates a user interface 1200 displayed on a client devicein accordance with one embodiment.

FIG. 13 illustrates a process 1300 of completing a transaction in amessaging system in accordance with one embodiment.

FIG. 14 is a diagrammatic representation of a machine in the form of acomputer system within which a set of instructions may be executed forcausing the machine to perform any one or more of the methodologiesdiscussed herein, in accordance with some examples.

FIG. 15 is a block diagram showing a software architecture within whichexamples may be implemented.

FIG. 16 is a diagrammatic representation of a processing environment, inaccordance with some examples.

DETAILED DESCRIPTION

In messaging systems, users are connected to a variety of other userswith whom they have different levels and types of relationships. Thesocial networking systems are presented with the challenge of providingan integrated, simplified, and secured payment transaction function toallow users to purchase merchandise while maintaining the socialinteractions with other users in the messaging systems.

Embodiments of the present disclosure improve the functionality ofelectronic messaging software and systems by providing users a securedand optimal payment flow for commercial transactions. Specifically, themessaging system may incorporate external web-based resources (e.g.,mini-programs) developed by third parties into the ecosystem to provideusers with advanced features, such as e-commerce, task management, etc.The messaging system also handles payment processing via a secured andPCI compliant payment processor (e.g., payment gateway) that resides ina remote system agnostic to the messaging system. Thereby a payment flowis securely managed across multiple platforms for optimal userexperience. In addition, the embodiments of the present disclosure alsoimprove the functionality by maintaining social interactions with otherusers who are involved in decision making while advancing the process ofsuch commercial transactions. Specifically, users may continue engagingin a conversation while selecting merchandise to purchase in the userinterface of the mini-programs. For example, the messaging system allowsusers to continue sending each other messages in the user interface of amovie reservation mini-program to maintain the discussion of a movieticket to purchase and seats to choose.

In one embodiment, upon receiving a request from a requesting user via amini-program to process a payment transaction, the messaging systemidentifies if all transactional data associated with the requesting useris available. The transactional data may include username, contactinformation, billing address, shipping address, and payment tokens(e.g., the first desensitized data item). Each payment token stored inthe messaging system is associated with a token identifier. Payment cardinformation is subject to Payment Card Industry “PCI” compliancestandards, which require merchants to stores such sensitive informationin a secure manner to reduce the likelihood of data breaches andfraudulent actions. The messaging system does not store payment cardinformation. Instead, it stores the corresponding desensitized dataitems, such as payment tokens. A payment token is a reference or anidentifier of sensitive data (e.g., payment card information) as aresult of the tokenization process. Tokenization is a process ofsubstituting a sensitive data element with a non-sensitive equivalent,such as a payment token, that has no extrinsic or exploitable meaning orvalue.

In one embodiment, for each payment transaction, the messaging systemcauses the payment processor to generate a single-transaction paymenttoken (e.g., the second desensitized data item). The single-transactionpayment token is specific to each transaction a user authorizes,independent from the first desensitized payment token generated by thesecured payment processor. In one embodiment, the messaging systemdetermines if the mini-program associated with the pending transactionis registered with the secured payment processor (e.g., the securedprocessor). The determination may be based on the verification processof the registration status returned by the secured payment processor.The registration status may indicate if the mini-program is partneredwith the secured payment processor by utilizing their services, such aspayment processing, payment card vaulting, etc. If the mini-program isregistered with the secured payment processor, the messaging systemcauses the secured payment processor to generate reference metadatacorresponding to the first desensitized data item. The referencemetadata serves as a pointer to the actual payment card information(e.g., sensitive data item) entered by the user. The secured paymentprocessor generates a second desensitized data item that is compatiblewith the system of the mini-program based on the reference metadata, andreturns the data item to the messaging system.

In one embodiment, if the mini-program is not registered, orunregistered with the secured payment processor, that it is insteadregistered or partnered with another payment processor (e.g., a secondpayment processor), the messaging system may cause the secured paymentprocessor to generate a single-use data item (e.g., one-time-use card)and forward the single-use data item to the second payment processor.The messaging system may receive, either from the secured paymentprocessor or directly from the second payment processor, asingle-transaction payment token (e.g., the second desensitized dataitem) generated by the second payment processor based on the single-usedata item. The messaging system may transmit the second desensitizeddata item in conjunction with the transactional data to the securedpayment processor for payment processing. In one embodiment, thesingle-use data item generated by the secured payment processor includesa payment card number with the last four digits identical to the lastfour digits of the actual payment card number (e.g., transactioninstrument identifier) entered by the user.

In one embodiment, the messaging system stores the single-transactionpayment token (e.g., the second desensitized data item) in the database.The single-transaction payment token is for one-time use only and isspecific to each transaction a user has authorized to proceed. Unlikethe first desensitized data item, the second desensitized data item maynot be included in the transactional data in the future paymenttransactions.

In one embodiment, upon determination of missing transactional data, orupon user selection to enter updated transactional data, the system 216generates one or more user interfaces (e.g., “onboarding sheet”) toreceive new or updated data.

In one embodiment, upon determination of a lack of desensitized dataitem (e.g., payment token) from transactional data, or a user selectionto update payment card information, the messaging system generates aplurality of text input fields (e.g., the first set of data entryelements) for receiving such payment card information (e.g., sensitivedata items). Upon receiving user input of the sensitive data items,without storing them in the database 126, the messaging system transmitsthe sensitive data items directly to the secured payment processor. Thetokenization process is carried out by the payment processor (e.g., thesecured processor or the second payment processor) and the associatedsystem, which is agnostic to the messaging system. Upon receiving thedesensitized data item from the payment processor, the messaging systemstores it in a connected database.

In one embodiment, once the messaging system determines that alltransactional data are available, the messaging system provides fordisplay a first user interface that includes an overview of thetransactional data, and an interactive (e.g., slidable) user interfaceelement (e.g., a first user-selectable element) corresponding to acompletion of the payment transaction. Upon receiving an indication ofuser selection of the interactive user interface element representing auser decision to complete the transaction, the messaging system forwardsthe transactional data to a secured payment processor. In oneembodiment, the payment processor may be hosted by a system independentfrom the messaging system. In another embodiment, the payment processormay be hosted by a third party that developed the mini-programassociated with the payment transaction.

In one embodiment, where there are multiple payment tokens representingmultiple payment cards associated with a requesting user, the messagingsystem determines a most recent desensitized data item generated by thesecured processor or the most recent desensitized data item beinginvolved in a previous payment transaction.

In one embodiment, once the transactional data is transmitted by themessaging system to the secured payment processor, the messaging systemmay receive a transaction status indicating whether the payment has beensuccessfully processed. If the returned transaction status indicates acomplete transaction, the messaging system may provide for a display ofa user interface that includes a third user interface element inconjunction with a text display of “done,” or “payment successful,”indicating a complete transaction. If the returned transaction statusindicates an incomplete transaction, the messaging system may providefor a display of a user interface that includes a user interface elementin conjunction with a text display of “transaction not completed,”indicating an incomplete transaction.

In one embodiment, upon receiving the transaction status indicating acomplete payment transaction, the processor informs the web-basedexternal resource (e.g., mini-program) to finalize the requestedtransaction. Finalizing the requested transaction may include completingany remaining process associated with the transactions upon a successfulpayment transaction, such as completing the reservation of the movietickets, and sending the requesting user the reserved movie tickets viaemails or messages, etc.

Networked Computing Environment

FIG. 1 is a block diagram showing an example messaging system 100 forexchanging data (e.g., messages and associated content) over a network.The messaging system 100 includes multiple instances of a client device102, each of which hosts a number of applications, including a messagingclient 104 and other applications 106. Each messaging client 104 iscommunicatively coupled to other instances of the messaging client 104(e.g., hosted on respective other client devices 102), a messagingserver system 108, and third-party servers 110 via a network 112 (e.g.,the Internet). A messaging client 104 can also communicate withlocally-hosted applications 106 using Applications Program Interfaces(APIs).

A messaging client 104 is able to communicate and exchange data withother messaging clients 104 and with the messaging server system 108 viathe network 112. The data exchanged between messaging clients 104, andbetween a messaging client 104 and the messaging server system 108,includes functions (e.g., commands to invoke functions) as well aspayload data (e.g., text, audio, video, or other multimedia data).

The messaging server system 108 provides server-side functionality viathe network 112 to a particular messaging client 104. While certainfunctions of the messaging system 100 are described herein as beingperformed by either a messaging client 104 or by the messaging serversystem 108, the location of certain functionality either within themessaging client 104 or the messaging server system 108 may be a designchoice. For example, it may be technically preferable to initiallydeploy certain technology and functionality within the messaging serversystem 108 but to later migrate this technology and functionality to themessaging client 104, where a client device 102 has sufficientprocessing capacity.

The messaging server system 108 supports various services and operationsthat are provided to the messaging client 104. Such operations includetransmitting data to, receiving data from, and processing data generatedby the messaging client 104. This data may include message content,client device information, geolocation information, media augmentationand overlays, message content persistence conditions, social networkinformation, and live event information, as examples. Data exchangeswithin the messaging system 100 are invoked and controlled throughfunctions available via user interfaces (UIs) of the messaging client104.

Turning now specifically to the messaging server system 108, anApplication Program Interface (API) server 116 is coupled to, andprovides a programmatic interface to, application servers 114. Theapplication servers 114 are communicatively coupled to a database server120, which facilitates access to a database 126 that stores dataassociated with messages processed by the application servers 114.Similarly, a web server 128 is coupled to the application servers 114,and provides web-based interfaces to the application servers 114. Tothis end, the web server 128 processes incoming network requests overthe Hypertext Transfer Protocol (HTTP) and several other relatedprotocols.

The Application Program Interface (API) server 116 receives andtransmits message data (e.g., commands and message payloads) between theclient device 102 and the application servers 114. Specifically, theApplication Program Interface (API) server 116 provides a set ofinterfaces (e.g., routines and protocols) that can be called or queriedby the messaging client 104 in order to invoke the functionality of theapplication servers 114. The Application Program Interface (API) server116 exposes various functions supported by the application servers 114,including account registration, login functionality, the sending ofmessages, via the application servers 114, from a particular messagingclient 104 to another messaging client 104, the sending of media files(e.g., images or video) from a messaging client 104 to a messagingserver 118, and for possible access by another messaging client 104, thesettings of a collection of media data (e.g., story), the retrieval of alist of friends of a user of a client device 102, the retrieval of suchcollections, the retrieval of messages and content, the addition anddeletion of entities (e.g., friends) to an entity graph (e.g., a socialgraph), the location of friends within a social graph, and opening anapplication event (e.g., relating to the messaging client 104).

The application servers 114 host a number of server applications andsubsystems, including a messaging server 118, an image processing server122, and a social network server 124. The messaging server 118implements a number of message processing technologies and functions,particularly related to the aggregation and other processing of content(e.g., textual and multimedia content) included in messages receivedfrom multiple instances of the messaging client 104. As will bedescribed in further detail, the text and media content from multiplesources may be aggregated into collections of content (e.g., calledstories or galleries). These collections are then made available to themessaging client 104. Other processor and memory intensive processing ofdata may also be performed server-side by the messaging server 118, inview of the hardware requirements for such processing.

The application servers 114 also include an image processing server 122that is dedicated to performing various image processing operations,typically with respect to images or video within the payload of amessage sent from or received at the messaging server 118.

The social network server 124 supports various social networkingfunctions and services and makes these functions and services availableto the messaging server 118. To this end, the social network server 124maintains and accesses an entity graph 308 (as shown in FIG. 3) withinthe database 126. Examples of functions and services supported by thesocial network server 124 include the identification of other users ofthe messaging system 100 with which a particular user has relationshipsor is “following,” and also the identification of other entities andinterests of a particular user.

Returning to the messaging client 104, features and functions of anexternal resource (e.g., application 106, a mini-program, or an applet)are made available to a user via an interface of the messaging client104. In this context, “external” refers to the fact that the application106 or applet is external to the messaging client 104. The externalresource is often provided by a third party but may also be provided bythe creator or provider of the messaging client 104. The messagingclient 104 receives a user selection of an option to launch or accessfeatures of such an external resource. The external resource may be theapplication 106 installed on the client device 102 (e.g., a “nativeapp”), or a small-scale version of the application (e.g., an “applet”)that is hosted on the client device 102 or remote of the client device102 (e.g., on third-party servers 110). The small-scale version of theapplication includes a subset of features and functions of theapplication (e.g., the full-scale, native version of the application)and is implemented using a markup-language document. In one example, thesmall-scale version of the application (e.g., an “applet”) is aweb-based, markup-language version of the application and is embedded inthe messaging client 104. In addition to using markup-language documents(e.g., a.*ml file), an applet may incorporate a scripting language(e.g., a.*js file or a .json file) and a style sheet (e.g., a.*ss file).

In response to receiving a user selection of the option to launch oraccess features of the external resource, the messaging client 104determines whether the selected external resource is a web-basedexternal resource or a locally-installed application 106. In some cases,applications 106 that are locally installed on the client device 102 canbe launched independently of and separately from the messaging client104, such as by selecting an icon, corresponding to the application 106,on a home screen of the client device 102. Small-scale versions of suchapplications can be launched or accessed via the messaging client 104,and, in some examples, no or limited portions of the small-scaleapplication can be accessed outside of the messaging client 104. Thesmall-scale application can be launched by the messaging client 104receiving, from a third-party server 110 for example, a markup-languagedocument associated with the small-scale application and processing sucha document.

In response to determining that the external resource is alocally-installed application 106, the messaging client 104 instructsthe client device 102 to launch the external resource by executinglocally-stored code corresponding to the external resource. In responseto determining that the external resource is a web-based resource, themessaging client 104 communicates with the third-party servers 110 (forexample) to obtain a markup-language document corresponding to theselected external resource. The messaging client 104 then processes theobtained markup-language document to present the web-based externalresource within a user interface of the messaging client 104.

The messaging client 104 can notify a user of the client device 102, orother users related to such a user (e.g., “friends”), of activity takingplace in one or more external resources. For example, the messagingclient 104 can provide participants in a conversation (e.g., a chatsession) in the messaging client 104 with notifications relating to thecurrent or recent use of an external resource by one or more members ofa group of users. One or more users can be invited to join in an activeexternal resource or to launch a recently-used but currently inactive(in the group of friends) external resource. The external resource canprovide participants in a conversation, each using respective messagingclients 104, with the ability to share an item, status, state, orlocation in an external resource with one or more members of a group ofusers into a chat session. The shared item may be an interactive chatcard with which members of the chat can interact, for example, to launchthe corresponding external resource, view specific information withinthe external resource, or take the member of the chat to a specificlocation or state within the external resource. Within a given externalresource, response messages can be sent to users on the messaging client104. The external resource can selectively include different media itemsin the responses, based on a current context of the external resource.

The messaging client 104 can present a list of the available externalresources (e.g., applications 106 or applets) to a user to launch oraccess a given external resource. This list can be presented in acontext-sensitive menu. For example, the icons representing differentones of the application 106 (or applets) can vary based on how the menuis launched by the user (e.g., from a conversation interface or from anon-conversation interface).

System Architecture

FIG. 2 is a block diagram illustrating further details regarding themessaging system 100, according to some examples. Specifically, themessaging system 100 is shown to comprise the messaging client 104 andthe application servers 114. The messaging system 100 embodies a numberof subsystems, which are supported on the client-side by the messagingclient 104 and on the sever-side by the application servers 114. Thesesubsystems include, for example, an ephemeral timer system 202, acollection management system 204, an augmentation system 208, a mapsystem 210, a game system 212, an external resource system 214, and atransaction data management system.

The ephemeral timer system 202 is responsible for enforcing thetemporary or time-limited access to content by the messaging client 104and the messaging server 118. The ephemeral timer system 202incorporates a number of timers that, based on duration and displayparameters associated with a message, or collection of messages (e.g., astory), selectively enable access (e.g., for presentation and display)to messages and associated content via the messaging client 104. Furtherdetails regarding the operation of the ephemeral timer system 202 areprovided below.

The collection management system 204 is responsible for managing sets orcollections of media (e.g., collections of text, image video, and audiodata). A collection of content (e.g., messages, including images, video,text, and audio) may be organized into an “event gallery” or an “eventstory.” Such a collection may be made available for a specified timeperiod, such as the duration of an event to which the content relates.For example, content relating to a music concert may be made availableas a “story” for the duration of that music concert. The collectionmanagement system 204 may also be responsible for publishing an iconthat provides notification of the existence of a particular collectionto the user interface of the messaging client 104.

The collection management system 204 furthermore includes a curationinterface 206 that allows a collection manager to manage and curate aparticular collection of content. For example, the curation interface206 enables an event organizer to curate a collection of contentrelating to a specific event (e.g., delete inappropriate content orredundant messages). Additionally, the collection management system 204employs machine vision (or image recognition technology) and contentrules to automatically curate a content collection. In certain examples,compensation may be paid to a user for the inclusion of user-generatedcontent into a collection. In such cases, the collection managementsystem 204 operates to automatically make payments to such users for theuse of their content.

The augmentation system 208 provides various functions that enable auser to augment (e.g., annotate or otherwise modify or edit) mediacontent associated with a message. For example, the augmentation system208 provides functions related to the generation and publishing of mediaoverlays for messages processed by the messaging system 100. Theaugmentation system 208 operatively supplies a media overlay oraugmentation (e.g., an image filter) to the messaging client 104 basedon a geolocation of the client device 102. In another example, theaugmentation system 208 operatively supplies a media overlay to themessaging client 104 based on other information, such as social networkinformation of the user of the client device 102. A media overlay mayinclude audio and visual content and visual effects. Examples of audioand visual content include pictures, texts, logos, animations, and soundeffects. An example of a visual effect includes color overlaying. Theaudio and visual content or the visual effects can be applied to a mediacontent item (e.g., a photo) at the client device 102. For example, themedia overlay may include text or image that can be overlaid on top of aphotograph taken by the client device 102. In another example, the mediaoverlay includes an identification of a location overlay (e.g., Venicebeach), a name of a live event, or a name of a merchant overlay (e.g.,Beach Coffee House). In another example, the augmentation system 208uses the geolocation of the client device 102 to identify a mediaoverlay that includes the name of a merchant at the geolocation of theclient device 102. The media overlay may include other indiciaassociated with the merchant. The media overlays may be stored in thedatabase 126 and accessed through the database server 120.

In some examples, the augmentation system 208 provides a user-basedpublication platform that enables users to select a geolocation on a mapand upload content associated with the selected geolocation. The usermay also specify circumstances under which a particular media overlayshould be offered to other users. The augmentation system 208 generatesa media overlay that includes the uploaded content and associates theuploaded content with the selected geolocation.

In other examples, the augmentation system 208 provides a merchant-basedpublication platform that enables merchants to select a particular mediaoverlay associated with a geolocation via a bidding process. Forexample, the augmentation system 208 associates the media overlay of thehighest bidding merchant with a corresponding geolocation for apredefined amount of time.

The map system 210 provides various geographic location functions, andsupports the presentation of map-based media content and messages by themessaging client 104. For example, the map system 210 enables thedisplay of user icons or avatars (e.g., stored in profile data 316) on amap to indicate a current or past location of “friends” of a user, aswell as media content (e.g., collections of messages includingphotographs and videos) generated by such friends, within the context ofa map. For example, a message posted by a user to the messaging system100 from a specific geographic location may be displayed within thecontext of a map at that particular location to “friends” of a specificuser on a map interface of the messaging client 104. A user canfurthermore share his or her location and status information (e.g.,using an appropriate status avatar) with other users of the messagingsystem 100 via the messaging client 104, with this location and statusinformation being similarly displayed within the context of a mapinterface of the messaging client 104 to selected users.

The game system 212 provides various gaming functions within the contextof the messaging client 104. The messaging client 104 provides a gameinterface providing a list of available games that can be launched by auser within the context of the messaging client 104, and played withother users of the messaging system 100. The messaging system 100further enables a particular user to invite other users to participatein the play of a specific game, by issuing invitations to such otherusers from the messaging client 104. The messaging client 104 alsosupports both the voice and text messaging (e.g., chats) within thecontext of gameplay, provides a leaderboard for the games, and alsosupports the provision of in-game rewards (e.g., coins and items).

The external resource system 214 provides an interface for the messagingclient 104 to communicate with remote servers (e.g. third-party servers110) to launch or access external resources, i.e. applications orapplets. The external resources may be mini-programs. Each third-partyserver 110 hosts, for example, a markup language (e.g., HTML5) basedapplication or small-scale version of an application (e.g., tickets,game, utility, payment, or ride-sharing application). The messagingclient 104 may launches a web-based resource (e.g., application) byaccessing the HTML5 file from the third-party servers 110 associatedwith the web-based resource. In certain examples, applications hosted bythird-party servers 110 are programmed in JavaScript leveraging aSoftware Development Kit (SDK) provided by the messaging server 118. TheSDK includes Application Programming Interfaces (APIs) with functionsthat can be called or invoked by the web-based application. In certainexamples, the messaging server 118 includes a JavaScript library thatprovides a given external resource access to certain user data of themessaging client 104. HTML5 is used as an example technology forprogramming games, but applications and resources programmed based onother technologies can be used.

In order to integrate the functions of the SDK into the web-basedresource, the SDK is downloaded by a third-party server 110 from themessaging server 118 or is otherwise received by the third-party server110. Once downloaded or received, the SDK is included as part of theapplication code of a web-based external resource. The code of theweb-based resource can then call or invoke certain functions of the SDKto integrate features of the messaging client 104 into the web-basedresource.

The SDK stored on the messaging server 118 effectively provides thebridge between an external resource (e.g., applications 106 or appletsand the messaging client 104. This provides the user with a seamlessexperience of communicating with other users on the messaging client104, while also preserving the look and feel of the messaging client104. To bridge communications between an external resource and amessaging client 104, in certain examples, the SDK facilitatescommunication between third-party servers 110 and the messaging client104. In certain examples, a WebViewJavaScriptBridge running on a clientdevice 102 establishes two one-way communication channels between anexternal resource and the messaging client 104. Messages are sentbetween the external resource and the messaging client 104 via thesecommunication channels asynchronously. Each SDK function invocation issent as a message and callback. Each SDK function is implemented byconstructing a unique callback identifier and sending a message withthat callback identifier.

By using the SDK, not all information from the messaging client 104 isshared with third-party servers 110. The SDK limits which information isshared based on the needs of the external resource. In certain examples,each third-party server 110 provides an HTML5 file corresponding to theweb-based external resource to the messaging server 118. The messagingserver 118 can add a visual representation (such as a box art or othergraphic) of the web-based external resource in the messaging client 104.Once the user selects the visual representation or instructs themessaging client 104 through a GUI of the messaging client 104 to accessfeatures of the web-based external resource, the messaging client 104obtains the HTML5 file and instantiates the resources necessary toaccess the features of the web-based external resource.

The messaging client 104 presents a graphical user interface (e.g., alanding page or title screen) for an external resource. During, before,or after presenting the landing page or title screen, the messagingclient 104 determines whether the launched external resource has beenpreviously authorized to access user data of the messaging client 104.In response to determining that the launched external resource has beenpreviously authorized to access user data of the messaging client 104,the messaging client 104 presents another graphical user interface ofthe external resource that includes functions and features of theexternal resource. In response to determining that the launched externalresource has not been previously authorized to access user data of themessaging client 104, after a threshold period of time (e.g., 3 seconds)of displaying the landing page or title screen of the external resource,the messaging client 104 slides up (e.g., animates a menu as surfacingfrom the bottom or the middle of the screen, or other portion of thescreen) a menu for authorizing the external resource to access the userdata. The menu identifies the type of user data that the externalresource will be authorized to use. In response to receiving a userselection of an accept option, the messaging client 104 adds theexternal resource to a list of authorized external resources and allowsthe external resource to access user data from the messaging client 104.In some examples, the external resource is authorized by the messagingclient 104 to access the user data in accordance with an OAuth 2framework.

The messaging client 104 controls the type of user data that is sharedwith external resources based on the type of external resource beingauthorized. For example, external resources that include full-scaleapplications (e.g., an application 106) are provided with access to thefirst type of user data (e.g., only two-dimensional avatars of userswith or without different avatar characteristics). As another example,external resources that include small-scale versions of applications(e.g., web-based versions of applications) are provided with access tothe second type of user data (e.g., payment information, two-dimensionalavatars of users, three-dimensional avatars of users, and avatars withvarious avatar characteristics). Avatar characteristics includedifferent ways to customize a look and feel of an avatar, such asdifferent poses, facial features, clothing, etc.

The transaction data management system 216 provides a secured paymentflow for commercial transactions that allow users to purchasemerchandise from the built-in e-commerce programs (e.g., mini-programs)hosted by the server 112 within the messaging system 100. The system 216receives user requests from a web-based external resource, such asmini-programs, to process a payment transaction. The system 216determines if all transactional data associated with the requesting userare stored in database 126. Specifically, the transactional data may bestored in transactional data table 318 in database 126. When the system216 receives payment card information via user input, the system 216transmits the information to a remote secured payment processor (notshown). The payment processor may return a desensitized data item (e.g.,a payment token) representing payment card information. The system 216stores the desensitized data item in the transactional data table 318.

In one embodiment, once the transaction data management system 216determines all transactional data is present and ready to be sent outfor payment processing, the system 216 transmits the transactional datato the secured payment processor. The secured payment processor returnsa transaction status indicating whether the payment has gone through. Ifthe returned transaction status indicates a complete transaction, themessaging system may provide for a display of a user interface thatincludes a third user interface element associated with a text displayof “done,” or “payment successful,” indicating a complete transaction.If the returned transaction status indicates an incomplete transaction,the messaging system may provide for a display of a user interface thatincludes a user interface element associated with a text display of“transaction not completed,” indicating an incomplete transaction.

In one embodiment, the transaction data management system 216 determinesif the delivery of merchandize requires shipping. Once the system 216determines if the shipping is unnecessary for the delivery, the system216 may exclude shipping information from the determination oftransactional data. In addition, system 216 may also withhold userinterface elements associated with shipping information from the userinterface.

Data Architecture

FIG. 3 is a schematic diagram illustrating data structures 300, whichmay be stored in the database 126 of the messaging server system 108,according to certain examples. While the content of the database 126 isshown to comprise a number of tables, it will be appreciated that thedata could be stored in other types of data structures (e.g., as anobject-oriented database).

The database 126 includes message data stored within a message table302. This message data includes, for any particular one message, atleast message sender data, message recipient (or receiver) data, and apayload. Further details regarding information that may be included in amessage, and included within the message data stored in the messagetable 302 is described below with reference to FIG. 4.

An entity table 306 stores entity data, and is linked (e.g.,referentially) to an entity graph 308 and profile data 316. Entities forwhich records are maintained within the entity table 306 may includeindividuals, corporate entities, organizations, objects, places, events,and so forth. Regardless of entity type, any entity regarding which themessaging server system 108 stores data may be a recognized entity. Eachentity is provided with a unique identifier, as well as an entity typeidentifier (not shown).

The entity graph 308 stores information regarding relationships andassociations between entities. Such relationships may be social,professional (e.g., work at a common corporation or organization)interested-based or activity-based, merely for example.

The profile data 316 stores multiple types of profile data about aparticular entity. The profile data 316 may be selectively used andpresented to other users of the messaging system 100, based on privacysettings specified by a particular entity. Where the entity is anindividual, the profile data 316 includes, for example, a user name,telephone number, address, settings (e.g., notification and privacysettings), as well as a user-selected avatar representation (orcollection of such avatar representations). A particular user may thenselectively include one or more of these avatar representations withinthe content of messages communicated via the messaging system 100, andon map interfaces displayed by messaging clients 104 to other users. Thecollection of avatar representations may include “status avatars,” whichpresent a graphical representation of a status or activity that the usermay select to communicate at a particular time.

Where the entity is a group, the profile data 316 for the group maysimilarly include one or more avatar representations associated with thegroup, in addition to the group name, members, and various settings(e.g., notifications) for the relevant group.

The database 126 also stores augmentation data, such as overlays orfilters, in an augmentation table 310. The augmentation data isassociated with and applied to videos (for which data is stored in avideo table 304) and images (for which data is stored in an image table312).

Filters, in one example, are overlays that are displayed as overlaid onan image or video during presentation to a recipient user. Filters maybe of various types, including user-selected filters from a set offilters presented to a sending user by the messaging client 104 when thesending user is composing a message. Other types of filters includegeolocation filters (also known as geo-filters), which may be presentedto a sending user based on geographic location. For example, geolocationfilters specific to a neighborhood or special location may be presentedwithin a user interface by the messaging client 104, based ongeolocation information determined by a Global Positioning System (GPS)unit of the client device 102.

Another type of filter is a data filter, which may be selectivelypresented to a sending user by the messaging client 104, based on otherinputs or information gathered by the client device 102 during themessage creation process. Examples of data filters include currenttemperature at a specific location, a current speed at which a sendinguser is traveling, battery life for a client device 102, or the currenttime.

Other augmentation data that may be stored within the image table 312includes augmented reality content items (e.g., corresponding toapplying Lenses or augmented reality experiences). An augmented realitycontent item may be a real-time special effect and sound that may beadded to an image or a video.

As described above, augmentation data includes augmented reality contentitems, overlays, image transformations, AR images, and similar termsrefer to modifications that may be applied to image data (e.g., videosor images). This includes real-time modifications, which modify an imageas it is captured using device sensors (e.g., one or multiple cameras)of a client device 102 and then displayed on a screen of the clientdevice 102 with the modifications. This also includes modifications tostored content, such as video clips in a gallery that may be modified.For example, in a client device 102 with access to multiple augmentedreality content items, a user can use a single video clip with multipleaugmented reality content items to see how the different augmentedreality content items will modify the stored clip. For example, multipleaugmented reality content items that apply different pseudorandommovement models can be applied to the same content by selectingdifferent augmented reality content items for the content. Similarly,real-time video capture may be used with an illustrated modification toshow how video images currently being captured by sensors of a clientdevice 102 would modify the captured data. Such data may simply bedisplayed on the screen and not stored in memory, or the contentcaptured by the device sensors may be recorded and stored in memory withor without the modifications (or both). In some systems, a previewfeature can show how different augmented reality content items will lookwithin different windows in a display at the same time. This can, forexample, enable multiple windows with different pseudorandom animationsto be viewed on a display at the same time.

Data and various systems using augmented reality content items or othersuch transform systems to modify content using this data can thusinvolve detection of objects (e.g., faces, hands, bodies, cats, dogs,surfaces, objects, etc.), tracking of such objects as they leave, enter,and move around the field of view in video frames, and the modificationor transformation of such objects as they are tracked. In variousexamples, different methods for achieving such transformations may beused. Some examples may involve generating a three-dimensional meshmodel of the object or objects, and using transformations and animatedtextures of the model within the video to achieve the transformation. Inother examples, tracking of points on an object may be used to place animage or texture (which may be two dimensional or three dimensional) atthe tracked position. In still further examples, neural network analysisof video frames may be used to place images, models, or textures incontent (e.g., images or frames of video). Augmented reality contentitems thus refer both to the images, models, and textures used to createtransformations in content, as well as to additional modeling andanalysis information needed to achieve such transformations with objectdetection, tracking, and placement.

Real-time video processing can be performed with any kind of video data(e.g., video streams, video files, etc.) saved in a memory of acomputerized system of any kind. For example, a user can load videofiles and save them in a memory of a device, or can generate a videostream using sensors of the device. Additionally, any objects can beprocessed using a computer animation model, such as a human's face andparts of a human body, animals, or non-living things such as chairs,cars, or other objects.

In some examples, when a particular modification is selected along withcontent to be transformed, elements to be transformed are identified bythe computing device, and then detected and tracked if they are presentin the frames of the video. The elements of the object are modifiedaccording to the request for modification, thus transforming the framesof the video stream. Transformation of frames of a video stream can beperformed by different methods for different kinds of transformation.For example, for transformations of frames mostly referring to changingforms of object's elements characteristic points for each element of anobject are calculated (e.g., using an Active Shape Model (ASM) or otherknown methods). Then, a mesh based on the characteristic points isgenerated for each of the at least one element of the object. This meshused in the following stage of tracking the elements of the object inthe video stream. In the process of tracking, the mentioned mesh foreach element is aligned with a position of each element. Then,additional points are generated on the mesh. A first set of first pointsis generated for each element based on a request for modification, and aset of second points is generated for each element based on the set offirst points and the request for modification. Then, the frames of thevideo stream can be transformed by modifying the elements of the objecton the basis of the sets of first and second points and the mesh. Insuch method, a background of the modified object can be changed ordistorted as well by tracking and modifying the background.

In some examples, transformations changing some areas of an object usingits elements can be performed by calculating characteristic points foreach element of an object and generating a mesh based on the calculatedcharacteristic points. Points are generated on the mesh, and thenvarious areas based on the points are generated. The elements of theobject are then tracked by aligning the area for each element with aposition for each of the at least one element, and properties of theareas can be modified based on the request for modification, thustransforming the frames of the video stream. Depending on the specificrequest for modification properties of the mentioned areas can betransformed in different ways. Such modifications may involve changingcolor of areas; removing at least some part of areas from the frames ofthe video stream; including one or more new objects into areas which arebased on a request for modification; and modifying or distorting theelements of an area or object. In various examples, any combination ofsuch modifications or other similar modifications may be used. Forcertain models to be animated, some characteristic points can beselected as control points to be used in determining the entirestate-space of options for the model animation.

In some examples of a computer animation model to transform image datausing face detection, the face is detected on an image with use of aspecific face detection algorithm (e.g., Viola-Jones). Then, an ActiveShape Model (ASM) algorithm is applied to the face region of an image todetect facial feature reference points.

Other methods and algorithms suitable for face detection can be used.For example, in some examples, features are located using a landmark,which represents a distinguishable point present in most of the imagesunder consideration. For facial landmarks, for example, the location ofthe left eye pupil may be used. If an initial landmark is notidentifiable (e.g., if a person has an eyepatch), secondary landmarksmay be used. Such landmark identification procedures may be used for anysuch objects. In some examples, a set of landmarks forms a shape. Shapescan be represented as vectors using the coordinates of the points in theshape. One shape is aligned to another with a similarity transform(allowing translation, scaling, and rotation) that minimizes the averageEuclidean distance between shape points. The mean shape is the mean ofthe aligned training shapes.

In some examples, a search for landmarks from the mean shape aligned tothe position and size of the face determined by a global face detectoris started. Such a search then repeats the steps of suggesting atentative shape by adjusting the locations of shape points by templatematching of the image texture around each point and then conforming thetentative shape to a global shape model until convergence occurs. Insome systems, individual template matches are unreliable, and the shapemodel pools the results of the weak template matches to form a strongeroverall classifier. The entire search is repeated at each level in animage pyramid, from coarse to fine resolution.

A transformation system can capture an image or video stream on a clientdevice (e.g., the client device 102) and perform complex imagemanipulations locally on the client device 102 while maintaining asuitable user experience, computation time, and power consumption. Thecomplex image manipulations may include size and shape changes, emotiontransfers (e.g., changing a face from a frown to a smile), statetransfers (e.g., aging a subject, reducing apparent age, changinggender), style transfers, graphical element application, and any othersuitable image or video manipulation implemented by a convolutionalneural network that has been configured to execute efficiently on theclient device 102.

In some examples, a computer animation model to transform image data canbe used by a system where a user may capture an image or video stream ofthe user (e.g., a selfie) using a client device 102 having a neuralnetwork operating as part of a messaging client 104 operating on theclient device 102. The transformation system operating within themessaging client 104 determines the presence of a face within the imageor video stream and provides modification icons associated with acomputer animation model to transform image data, or the computeranimation model can be present as associated with an interface describedherein. The modification icons include changes that may be the basis formodifying the user's face within the image or video stream as part ofthe modification operation. Once a modification icon is selected, thetransform system initiates a process to convert the image of the user toreflect the selected modification icon (e.g., generate a smiling face onthe user). A modified image or video stream may be presented in agraphical user interface displayed on the client device 102 as soon asthe image or video stream is captured, and a specified modification isselected. The transformation system may implement a complexconvolutional neural network on a portion of the image or video streamto generate and apply the selected modification. That is, the user maycapture the image or video stream and be presented with a modifiedresult in real-time or near real-time once a modification icon has beenselected. Further, the modification may be persistent while the videostream is being captured, and the selected modification icon remainstoggled. Machine taught neural networks may be used to enable suchmodifications.

The graphical user interface, presenting the modification performed bythe transform system, may supply the user with additional interactionoptions. Such options may be based on the interface used to initiate thecontent capture and selection of a particular computer animation model(e.g., initiation from a content creator user interface). In variousexamples, a modification may be persistent after an initial selection ofa modification icon. The user may toggle the modification on or off bytapping or otherwise selecting the face being modified by thetransformation system and store it for later viewing or browse to otherareas of the imaging application. Where multiple faces are modified bythe transformation system, the user may toggle the modification on oroff globally by tapping or selecting a single face modified anddisplayed within a graphical user interface. In some examples,individual faces, among a group of multiple faces, may be individuallymodified, or such modifications may be individually toggled by tappingor selecting the individual face or a series of individual facesdisplayed within the graphical user interface.

A story table 314 stores data regarding collections of messages andassociated image, video, or audio data, which are compiled into acollection (e.g., a story or a gallery). The creation of a particularcollection may be initiated by a particular user (e.g., each user forwhich a record is maintained in the entity table 306). A user may createa “personal story” in the form of a collection of content that has beencreated and sent/broadcast by that user. To this end, the user interfaceof the messaging client 104 may include an icon that is user-selectableto enable a sending user to add specific content to his or her personalstory.

A collection may also constitute a “live story,” which is a collectionof content from multiple users that is created manually, automatically,or using a combination of manual and automatic techniques. For example,a “live story” may constitute a curated stream of user-submitted contentfrom varies locations and events. Users whose client devices havelocation services enabled and are at a common location event at aparticular time may, for example, be presented with an option, via auser interface of the messaging client 104, to contribute content to aparticular live story. The live story may be identified to the user bythe messaging client 104, based on his or her location. The end resultis a “live story” told from a community perspective.

A further type of content collection is known as a “location story,”which enables a user whose client device 102 is located within aspecific geographic location (e.g., on a college or university campus)to contribute to a particular collection. In some examples, acontribution to a location story may require a second degree ofauthentication to verify that the end user belongs to a specificorganization or other entity (e.g., is a student on the universitycampus).

As mentioned above, the video table 304 stores video data that, in oneexample, is associated with messages for which records are maintainedwithin the message table 302. Similarly, the image table 312 storesimage data associated with messages for which message data is stored inthe entity table 306. The entity table 306 may associate variousaugmentations from the augmentation table 310 with various images andvideos stored in the image table 312 and the video table 304.

Transactional data table 318 stores transactional data associated with auser profile, including username, contact information, billing address,shipping address, and payment tokens. Transactional data may be enteredvia user interface 1100, as shown in FIG. 11. Once a user enters thedata required for payment processing, the system 216 may automaticallypopulate the data entry elements (e.g., text input fields) with thepreviously entered transactional data in the user interface 1100 thenext time the user processes a payment transaction.

Data Communications Architecture

FIG. 4 is a schematic diagram illustrating a structure of a message 400,according to some examples, generated by a messaging client 104 forcommunication to a further messaging client 104 or the messaging server118. The content of a particular message 400 is used to populate themessage table 302 stored within the database 126, accessible by themessaging server 118. Similarly, the content of a message 400 is storedin memory as “in-transit” or “in-flight” data of the client device 102or the application servers 114. A message 400 is shown to include thefollowing example components:

-   -   message identifier 402: a unique identifier that identifies the        message 400.    -   message text payload 404: text, to be generated by a user via a        user interface of the client device 102, and that is included in        the message 400.    -   message image payload 406: image data, captured by a camera        component of a client device 102 or retrieved from a memory        component of a client device 102, and that is included in the        message 400. Image data for a sent or received message 400 may        be stored in the image table 312.    -   message video payload 408: video data, captured by a camera        component or retrieved from a memory component of the client        device 102, and that is included in the message 400. Video data        for a sent or received message 400 may be stored in the video        table 304.    -   message audio payload 410: audio data, captured by a microphone        or retrieved from a memory component of the client device 102,        and that is included in the message 400.    -   message augmentation data 412: augmentation data (e.g., filters,        stickers, or other annotations or enhancements) that represents        augmentations to be applied to message image payload 406,        message video payload 408, or message audio payload 410 of the        message 400. Augmentation data for a sent or received message        400 may be stored in the augmentation table 310.    -   message duration parameter 414: parameter value indicating, in        seconds, the amount of time for which content of the message        (e.g., the message image payload 406, message video payload 408,        message audio payload 410) is to be presented or made accessible        to a user via the messaging client 104.    -   message geolocation parameter 416: geolocation data (e.g.,        latitudinal and longitudinal coordinates) associated with the        content payload of the message. Multiple message geolocation        parameter 416 values may be included in the payload, each of        these parameter values being associated with respect to content        items included in the content (e.g., a specific image into        within the message image payload 406, or a specific video in the        message video payload 408).    -   message story identifier 418: identifier values identifying one        or more content collections (e.g., “stories” identified in the        story table 314) with which a particular content item in the        message image payload 406 of the message 400 is associated. For        example, multiple images within the message image payload 406        may each be associated with multiple content collections using        identifier values.    -   message tag 420: each message 400 may be tagged with multiple        tags, each of which is indicative of the subject matter of        content included in the message payload. For example, where a        particular image included in the message image payload 406        depicts an animal (e.g., a lion), a tag value may be included        within the message tag 420 that is indicative of the relevant        animal. Tag values may be generated manually, based on user        input, or may be automatically generated using, for example,        image recognition.    -   message sender identifier 422: an identifier (e.g., a messaging        system identifier, email address, or device identifier)        indicative of a user of the Client device 102 on which the        message 400 was generated and from which the message 400 was        sent.    -   message receiver identifier 424: an identifier (e.g., a        messaging system identifier, email address, or device        identifier) indicative of a user of the client device 102 to        which the message 400 is addressed.

The contents (e.g., values) of the various components of message 400 maybe pointers to locations in tables within which content data values arestored. For example, an image value in the message image payload 406 maybe a pointer to (or address of) a location within an image table 312.Similarly, values within the message video payload 408 may point to datastored within a video table 304, values stored within the messageaugmentations 412 may point to data stored in an augmentation table 310,values stored within the message story identifier 418 may point to datastored in a story table 314, and values stored within the message senderidentifier 422 and the message receiver identifier 424 may point to userrecords stored within an entity table 306.

Time-Based Access Limitation Architecture

FIG. 5 is a schematic diagram illustrating an access-limiting process500, in terms of which access to content (e.g., an ephemeral message502, and associated multimedia payload of data) or a content collection(e.g., an ephemeral message group 504) may be time-limited (e.g., madeephemeral).

An ephemeral message 502 is shown to be associated with a messageduration parameter 506, the value of which determines an amount of timethat the ephemeral message 502 will be displayed to a receiving user ofthe ephemeral message 502 by the messaging client 104. In one example,an ephemeral message 502 is viewable by a receiving user for up to amaximum of 10 seconds, depending on the amount of time that the sendinguser specifies using the message duration parameter 506.

The message duration parameter 506 and the message receiver identifier424 are shown to be inputs to a message timer 510, which is responsiblefor determining the amount of time that the ephemeral message 502 isshown to a particular receiving user identified by the message receiveridentifier 424. In particular, the ephemeral message 502 will only beshown to the relevant receiving user for a time period determined by thevalue of the message duration parameter 506. The message timer 510 isshown to provide output to a more generalized ephemeral timer system202, which is responsible for the overall timing of display of content(e.g., an ephemeral message 502) to a receiving user.

The ephemeral message 502 is shown in FIG. 5 to be included within anephemeral message group 504 (e.g., a collection of messages in apersonal story, or an event story). The ephemeral message group 504 hasan associated group duration parameter 508, a value of which determinesa time duration for which the ephemeral message group 504 is presentedand accessible to users of the messaging system 100. The group durationparameter 508, for example, may be the duration of a music concert,where the ephemeral message group 504 is a collection of contentpertaining to that concert. Alternatively, a user (either the owninguser or a curator user) may specify the value for the group durationparameter 508 when performing the setup and creation of the ephemeralmessage group 504.

Additionally, each ephemeral message 502 within the ephemeral messagegroup 504 has an associated group participation parameter 512, a valueof which determines the duration of time for which the ephemeral message502 will be accessible within the context of the ephemeral message group504. Accordingly, a particular ephemeral message group 504 may “expire”and become inaccessible within the context of the ephemeral messagegroup 504, prior to the ephemeral message group 504 itself expiring interms of the group duration parameter 508. The group duration parameter508, group participation parameter 512, and message receiver identifier424 each provide input to a group timer 514, which operationallydetermines, firstly, whether a particular ephemeral message 502 of theephemeral message group 504 will be displayed to a particular receivinguser and, if so, for how long. Note that the ephemeral message group 504is also aware of the identity of the particular receiving user as aresult of the message receiver identifier 424.

Accordingly, the group timer 514 operationally controls the overalllifespan of an associated ephemeral message group 504, as well as anindividual ephemeral message 502 included in the ephemeral message group504. In one example, each and every ephemeral message 502 within theephemeral message group 504 remains viewable and accessible for a timeperiod specified by the group duration parameter 508. In a furtherexample, a certain ephemeral message 502 may expire, within the contextof ephemeral message group 504, based on a group participation parameter512. Note that a message duration parameter 506 may still determine theduration of time for which a particular ephemeral message 502 isdisplayed to a receiving user, even within the context of the ephemeralmessage group 504. Accordingly, the message duration parameter 506determines the duration of time that a particular ephemeral message 502is displayed to a receiving user, regardless of whether the receivinguser is viewing that ephemeral message 502 inside or outside the contextof an ephemeral message group 504.

The ephemeral timer system 202 may furthermore operationally remove aparticular ephemeral message 502 from the ephemeral message group 504based on a determination that it has exceeded an associated groupparticipation parameter 512. For example, when a sending user hasestablished a group participation parameter 512 of 24 hours fromposting, the ephemeral timer system 202 will remove the relevantephemeral message 502 from the ephemeral message group 504 after thespecified 24 hours. The ephemeral timer system 202 also operates toremove an ephemeral message group 504 when either the groupparticipation parameter 512 for each and every ephemeral message 502within the ephemeral message group 504 has expired, or when theephemeral message group 504 itself has expired in terms of the groupduration parameter 508.

In certain use cases, a creator of a particular ephemeral message group504 may specify an indefinite group duration parameter 508. In thiscase, the expiration of the group participation parameter 512 for thelast remaining ephemeral message 502 within the ephemeral message group504 will determine when the ephemeral message group 504 itself expires.In this case, a new ephemeral message 502, added to the ephemeralmessage group 504, with a new group participation parameter 512,effectively extends the life of an ephemeral message group 504 to equalthe value of the group participation parameter 512.

Responsive to the ephemeral timer system 202 determining that anephemeral message group 504 has expired (e.g., is no longer accessible),the ephemeral timer system 202 communicates with the messaging system100 (and, for example, specifically the messaging client 104) to causean indicium (e.g., an icon) associated with the relevant ephemeralmessage group 504 to no longer be displayed within a user interface ofthe messaging client 104. Similarly, when the ephemeral timer system 202determines that the message duration parameter 506 for a particularephemeral message 502 has expired, the ephemeral timer system 202 causesthe messaging client 104 to no longer display an indicium (e.g., an iconor textual identification) associated with the ephemeral message 502.

Cross-Platform Data Management and Integration

In one embodiment, a requesting user may initiate a payment transactionprocess by activating a checkout button in a user interface of amini-program. A mini-program may be hosted by application servers 112 inthe messaging system 100, or alternatively, hosted by a third partyserver in an agnostic platform. A transaction data management system 216determines if all transactional data associated with the requesting userare available in the database 126. In one embodiment, once alltransactional data are determined to be available, the messaging systemprovides for a display the first user interface that includes anoverview of the transactional data, and an interactive (e.g., slidable)user interface element (e.g., a first user-selectable element)corresponding to a completion of the payment transaction. Upon receivingan indication of user selection of the interactive user interfaceelement representing a user decision to complete the transaction, themessaging system forwards the transactional data to a secured paymentprocessor, which resides in a remote system agnostic to the messagingsystem 100. The secured payment processor returns a transaction statusindicating if the payment card has been successfully charged.Alternatively, the payment processor may notify the mini-program, whichmay transmit the transaction status back to the transaction datamanagement system 216. A payment flow is thereby securely managed acrossmultiples platforms for optimal user experience.

FIG. 6 illustrates a process 600 of completing a transaction in amessaging system in accordance with one embodiment. The operations ofprocess 600 may be performed by any number of different systems, such asthe messaging client 104 described herein or the messaging server 114,or any portion thereof, such as a processor included in any of thesystems, including the transaction data management system 216 and theexternal resource system 214.

At operation 602, the processor receives a request to process a paymenttransaction. The request may be received by a messaging application 104implemented on a client device 102 from a web-based external resource(e.g., a mini-program). FIG. 8 illustrates a user interface 800generated by the processor for the mini-program. The user interface 800includes a user interface icon 802. The icon 802 includes a textindicator, such as “checkout,” indicating the activation (e.g., tapping)of the icon 802 may send the request to process a payment transaction.

At operation 604, the processor identifies transactional data based onthe request. The transactional data corresponds to a user profileassociated with the client device 102 in an entity graph 308.Specifically, the requesting user is associated with a user profile inthe entity graph 308, and the user profile is associated with thetransactional data of the requesting user. The transactional data isstored in the transactional data table 318. The transactional data mayinclude username, contact information (e.g., email address and phonenumber), billing address, shipping address, and desensitized data items,such as payment tokens.

At operation 606, the processor determines a first desensitized dataitem associated with the user profile being included in thetransactional data. The first desensitized data item may be a paymenttoken. A payment token is a reference or an identifier of sensitive data(e.g., payment card information) as a result of the tokenizationprocess. Tokenization is a process of substituting a sensitive dataelement with a non-sensitive equivalent, such as a payment token thathas no extrinsic or exploitable meaning or value. In one embodiment,there may be multiple payment tokens associated with a user profile, asa user may enter the information of multiple payment cards into themessaging system. The processor may identify the multiple payment tokens(e.g., the first desensitized data items) and determine the mostrecently added payment card. Alternatively, the processor may identifythe most recently chosen one in the previous payment transaction to beassociated with the transactional data for the current paymenttransaction.

At operation 608, the processor provides for display, within a userinterface of the web-based external resource, a first user interface ofthe messaging application includes a first user-selectable elementcorresponding to a completion of the transaction. Specifically, as shownin FIG. 9, the first user interface may be the partial-screen userinterface 902 within the user interface 900, and the firstuser-selectable element may be the interactive user interface element904.

At operation 610, the processor receives an indication of user selectionof the first user-selectable element. As shown in user interface 902(e.g., the first user interface), the first user-selectable element 904includes a slidable icon 906 that may be relocated based on thedirection of user hand gesture (e.g., pressing against the screen andsliding) from a first position 908 to a second position 910. When theslidable icon 906 reaches the second position 910, the firstuser-selectable element is activated.

At operation 612, the processor transmits the transactional data to asecured payment processor for payment processing. Specifically, inresponse to the first user-selectable element being activated, theprocessor transmits the transactional data to a secured paymentprocessor and waits for a returned transaction status indicating whetherthe payment has been successfully processed. If the returned transactionstatus indicates a complete transaction, the messaging system mayprovide for a display of a user interface that includes a third userinterface element associated with a text display of “done,” or “paymentsuccessful,” indicating a complete transaction. If the returnedtransaction status indicates an incomplete transaction, the messagingsystem may provide for a display of a user interface that includes auser interface element associated with a text display of “transactionnot completed,” indicating an incomplete transaction. In one embodiment,upon receiving the transaction status indicating a complete paymenttransaction, the processor informs the web-based external resource(e.g., mini-program) to finalize the requested transaction. Finalizingthe requested transaction may include completing any remaining processassociated with the transactions upon a successful payment transaction,such as completing the reservation of the movie tickets, and sending therequesting user the reserved movie tickets via emails or messages, etc.

In one embodiment, upon receiving the indication of a user selection ofthe first user-selectable element, the processor provides for thedisplay of a first user interface icon pending the receipt of thetransaction status from the secured processor. The first user interfaceicon may be an animated icon representing a decision being in progress(e.g., a “loading” bar or gif image).

FIG. 7 illustrates a process 700 of generating a desensitized data itemin accordance with one embodiment. Desensitized data items may bepayment tokens. Payment card information is subject to Payment CardIndustry “PCI” compliance standards, which require merchants to storessuch sensitive information in a secure manner to reduce the likelihoodof data breaches and fraudulent actions. The messaging system does notstore payment card information, such as card number, expiration date,and CVC number. Instead, it stores the corresponding desensitized dataitems, such as payment tokens. A payment token is a reference or anidentifier of sensitive data (e.g., payment card information) that hasno extrinsic or exploitable meaning or value.

At operation 702, the processor generates a plurality of data entryelements. The plurality of data entry elements includes a first set ofdata entry elements for receiving sensitive data items, such as paymentcard information. As shown in FIG. 11, the plurality of data entryelements may include the first set of data entry elements 1132 forreceiving payment card information, the second set of data entryelements 1122 for receiving shipping address information, and the thirdset of data entry elements 1102 for receiving user name and contactinformation including email address and phone number. In one embodiment,the first set of data entry elements refer to both data entry elements1132 and 1134.

At operation 704, the processor provides for a display of a second userinterface at least including the first set of data entry elements.Specifically, the second user interface may be the user interface 1130,as shown in FIG. 11. The user interface 1130 includes the first set ofdata entry elements 1132 and 1134. A data entry element may be a textinput field. For example, the first set of data entry elements 1132include three individual text input fields, including card number,expiration date (e.g., MM/YY), and CVC code. In one embodiment, thesecond user interface may also include data entry elements 1122 (e.g.,the second set of data entry elements) and 1102 (e.g., the third set ofdata entry elements).

At operation 706, the processor receives user input of the sensitivedata items via the first set of data entry elements 1132 and 1134.Specifically, users may type the payment card information into the textinput fields included in data entry elements 1132 and 1134. In oneembodiment, the data entry elements 1132 and 1134 may be iframes hostedand implemented by the secured payment processor, that the user enteringsessions and interactions with the iframes are isolated from themessaging system.

At operation 708, the processor transmits the sensitive data items tothe secured payment processor. The messaging system does not storepayment card information. Instead, it stores the correspondingdesensitized data items, such as payment tokens. Specifically, withoutstoring the payment card information to database 126, the processortransmits the payment card information directly to a third-party paymentprocessor, which resides in a system that is agnostic to the messagingsystem. The system hosting the payment processor is compliant with thePCI standards.

At operation 710, the processor receives the first desensitized dataitem (e.g., payment token) representing the corresponding sensitive dataitems (e.g., payment card information). A payment token is a referenceor identifier of the payment card information, and it may be representedby the first user interface display 912, as shown in user interface 900.The first user interface display 912 includes the last 4 digits of thepayment card number (e.g., 2044), the provider of payment card (e.g.,American Express), and a logo of the provider. The informationassociated with the first user display 912 may be stored in thetransactional data table 318 in database 126.

In one embodiment, for each payment transaction, the processor causesthe payment processor to generate a single-transaction payment token(e.g., the second desensitized data item) that is compatible with thesystem of the mini-program associated with a current transaction. Thesingle-transaction payment token is specific to each transaction a userauthorizes, independent from the first desensitized payment tokengenerated by the secured payment processor.

In one embodiment, the processor determines if the mini-programassociated with the pending transaction is registered with the securedpayment processor (e.g., the secured processor). The determination maybe based on the verification process of the registration status returnedby the secured payment processor. If the mini-program is registered withthe secured payment processor, the processor causes the secured paymentprocessor to generate reference metadata corresponding to the firstdesensitized data item. The reference metadata serves as a pointer,within the system of the secured payment processor, to the actualpayment card information (e.g., sensitive data item) entered by theuser. The processor causes the secured payment processor to generate asecond desensitized data item based on the reference metadata, andcauses the secured payment processor to return the second desensitizeddata item to the messaging system.

In one embodiment, if the mini-program is not registered, orunregistered with the secured payment processor, that it is insteadregistered or partnered with another payment processor (e.g., a secondpayment processor), the processor may cause the secured paymentprocessor to generate a single-use data item (e.g., one-time-use card)and forward the single-use data item to the second payment processor.The processor may receive, either from the secured payment processor ordirectly from the second payment processor, a single-transaction paymenttoken (e.g., the second desensitized data item) generated by the secondpayment processor based on the single-use data item. The processor maytransmit the second desensitized data item in conjunction with thetransactional data to the secured payment processor for paymentprocessing. In one embodiment, the single-use data item generated by thesecured payment processor includes a payment card number with the lastfour digits identical to the last four digits of the actual payment cardnumber (e.g., transaction instrument identifier) entered by the user.

In one embodiment, the processor stores the single-transaction paymenttoken (e.g., the second desensitized data item) in the transactionaldata table 318 in the database 126. The single-transaction payment tokenis for one-time use only and is specific to each transaction a user hasauthorized to proceed. Unlike the first desensitized data item, thesecond desensitized data item may not be included in the transactionaldata in the future payment transactions.

FIG. 8 illustrates a user interface 800 displayed on a client device 102in accordance with one embodiment. In one embodiment, users may select auser interface icon representing a mini-program, such as a mini-programthat provides theatrical event (e.g., movie tickets, concert tickets,theater tickets) booking service, from a direct messaging user interface(not shown). The user selection may cause the processor to generate anddisplay the user interface 800. In one embodiment, users may selectmovie time, the number of tickets, and seat positions from the userinterface 800. In addition, users may maintain conversations in theprevious direct messaging user interface by continuing to send messagesvia the message input display 804. The message input display 804 maysupport all types of message input and transmit, including ephemeralmessages 502, and media content items such as images, audios, or videos.Therefore, users do not need to leave the mini-programs to go back tothe direct messaging user interface to maintain the conversations.

In one embodiment, when the processor detects more than one user isassessing the user interface 800 of the mini-program, the processorcauses the user interface 800 to display seat reservations in real-timein response to one or more users' interaction with the respective clientdevices 102. For example, while engaging in a conversation in userinterface 800, a first user may block off two seats in the seatselection user interface display 806, indicating the choice of seats viathe user interface 800 from the associated first client device 102. Theprocessor causes the user interface 800 on a second client device 102 todisplay in real-time or simultaneously the first user's seat selection.The second user, while conversing with the first user, is informed ofthe user interface interaction by the first user in real-time. In oneembodiment, the processor may generate and display avatars associatedwith each user to reflect the real-time interactions by all the userspresent in the user interface 800. This way, all users may be able toview in the shared user interface 800 each other's choice of seats, thenumber of seats, movie time, etc.

In one embodiment, the processor displays a user interface element inthe direct messaging user interface, indicating if all users haverequested to process the payment transaction via activating the userinterface icon 802 on the respective client devices 102. Once all usershave submitted such request, the processor generates the partial-screenuser interface 902 on all associated client devices 102. In oneembodiment, if the processor detects one or more user fails to activatethe interactive user interface element 904, the processor withholds alltransactional data associated with the remaining users to be transmittedto the secured payment processor. This way, none of the paymenttransactions will be processed before all users confirm the payment viathe partial-screen user interface 902.

FIG. 9 illustrates a user interface 900 displayed on a client device inaccordance with one embodiment. Once the processor has received therequest to process a payment transaction and determined that alltransactional data associated with the requesting user is available, theprocessor may generate the partial-screen user interface 902 (e.g., thefirst user interface) within the user interface 900. The user interface902 includes all transactional data that is required for processing thepayment transaction. In one embodiment, the processor determines whetherthe completion of the transaction requires an electronic deliverymethod. For example, a movie ticket may be delivered electronically,such as via emails, text messages, or in-app messages. The processor maythen withhold a display of the second user interface display 914 fromthe partial-screen user interface 902. The processor may also withhold adisplay of the second set of data entry elements 1122 corresponding toshipping information from the second user interface, as shown in FIG.11. In one embodiment, activation of the first user interface display912 may cause the processor to generate and display the partial screenpayment method user interface 1202, provided there are multiple paymenttokens associated with the requesting user in the transactional datatable 318.

FIG. 10 illustrates a user interface 1000 displayed on a client devicein accordance with one embodiment. Upon determining all of thetransactional data is missing from the transactional data table 318, inresponse to receiving a user request to process a payment transaction byactivating the user interface icon 802, the processor may generate apartial screen onboarding user interface 1002. The user interface 1002includes a plurality of user-selectable items 1004, 1006, and 1008, andeach item corresponds to a type of transactional data required for thepayment transaction. Users may activate the user-selectable items bytapping on each item on the user interface. Activation of item 1004 maycause the processor to generate and display the user interface 1110 onthe client device 102. Activation of item 1006 may cause the processorto generate and display the user interface 1120 on the client device102. Activation of item 1008 may cause the processor to generate anddisplay the user interface 1130 on the client device 102. In oneembodiment, once the processor determines shipping information is notrequired for the purpose of the transaction, the processor may withholditem 1006 from the partial screen onboarding user interface 1002.

FIG. 11 illustrates a user interface 1100 displayed on a client devicein accordance with one embodiment. The second user interface may includethe first set of data entry elements 1132 and 1134. In one embodiment,the second user interface may also include the second set of data entryelements 1122 and the third set of data entry elements 1102. Theprocessor determines the completion of the transaction requires anelectronic delivery method. For example, a movie ticket may be deliveredelectronically, such as by emails, text messages, or in-app messages.The processor may then withhold a display of the second set of dataentry elements from the second user interface. Specifically, the seconduser interface may only include the first set of data entry elements1132 and 1134, and the third set of data entry elements 1102 is withheldfrom the display.

FIG. 12 illustrates a user interface 1200 displayed on a client devicein accordance with one embodiment. The user interface 1200 includes apartial screen payment method user interface 1202. The user interface1202 includes a display of information representing multiple paymenttokens. The display of each representation includes the last four digitsof the payment card numbers, the providers of payment cards, and thelogos of the providers. The user interface 1200 also includes auser-selectable icon 1204. Via user selection, the activation of icon1204 may cause the processor to generate the user interface 1130 thatincludes the first set of data entry elements 1132 and 1134.

FIG. 13 illustrates a process 1300 of completing a transaction in amessaging system in accordance with one embodiment. The identificationprocess of transactional data may be carried out in sequential order.Specifically, upon receiving a request to process a payment transaction,the processor, at operation 1302, determines if it is the first time forthe user to request a transaction process within the messaging system100. If it is the first time, the processor may generate one or moreuser interfaces (e.g., onboarding sheet), such as the second userinterface mentioned above, or the user interfaces 1110, 1120, and 1130,in order to collect transactional data associated with the requestinguser. The processor first determines if contact information is available(operation 1304). The processor may generate and cause display of theuser interface 1103 for collecting contact information. A validationoperation 1306 is carried out to verify if the contact informationreceived is valid. The processor then determines if the transactionrequires shipping (operation 1308). If the transaction requiresshipping, then the processor collects the shipping address via a userinterface (e.g., user interface 1120) and verifies if the address isvalid (operation 1312). The processor, in the last, determines if avalid payment token is associated with the requesting user (operation1314). The processor may generate and display the user interface 1130for collecting payment information. Upon receiving the valid paymentinformation, the processor transmits the payment information, includingcard number, expiration date, CVC code, and optionally, the billingaddress directly to the secured payment processor. The processor thenmay store the returned payment token in the transactional data table318. The payment token corresponds to the payment information handled bythe payment processor. Once all transactional data is available, therequesting user may authorize the payment transaction by activating theinteractive user interface element 904 (e.g., the first user-selectableelement) in the partial-screen user interface 902, as shown in FIG. 9,for example. Based on the returned transaction status (e.g., processingstate) from the secured payment processor, the processor determines ifthe payment transaction has been completed (operation 1320).

Machine Architecture

FIG. 14 is a diagrammatic representation of the machine 1400 withinwhich instructions 1408 (e.g., software, a program, an application, anapplet, an app, or other executable code) for causing the machine 1400to perform any one or more of the methodologies discussed herein may beexecuted. For example, the instructions 1408 may cause the machine 1400to execute any one or more of the methods described herein. Theinstructions 1408 transform the general, non-programmed machine 1400into a particular machine 1400 programmed to carry out the described andillustrated functions in the manner described. The machine 1400 mayoperate as a standalone device or may be coupled (e.g., networked) toother machines. In a networked deployment, the machine 1400 may operatein the capacity of a server machine or a client machine in aserver-client network environment, or as a peer machine in apeer-to-peer (or distributed) network environment. The machine 1400 maycomprise, but not be limited to, a server computer, a client computer, apersonal computer (PC), a tablet computer, a laptop computer, a netbook,a set-top box (STB), a personal digital assistant (PDA), anentertainment media system, a cellular telephone, a smartphone, a mobiledevice, a wearable device (e.g., a smartwatch), a smart home device(e.g., a smart appliance), other smart devices, a web appliance, anetwork router, a network switch, a network bridge, or any machinecapable of executing the instructions 1408, sequentially or otherwise,that specify actions to be taken by the machine 1400. Further, whileonly a single machine 1400 is illustrated, the term “machine” shall alsobe taken to include a collection of machines that individually orjointly execute the instructions 1408 to perform any one or more of themethodologies discussed herein. The machine 1400, for example, maycomprise the client device 102 or any one of a number of server devicesforming part of the messaging server system 108. In some examples, themachine 1400 may also comprise both client and server systems, withcertain operations of a particular method or algorithm being performedon the server-side and with certain operations of the particular methodor algorithm being performed on the client-side.

The machine 1400 may include processors 1402, memory 1404, andinput/output I/O components 1438, which may be configured to communicatewith each other via a bus 1440. In an example, the processors 1402(e.g., a Central Processing Unit (CPU), a Reduced Instruction SetComputing (RISC) Processor, a Complex Instruction Set Computing (CISC)Processor, a Graphics Processing Unit (GPU), a Digital Signal Processor(DSP), an Application Specific Integrated Circuit (ASIC), aRadio-Frequency Integrated Circuit (RFIC), another processor, or anysuitable combination thereof) may include, for example, a processor 1406and a processor 1410 that execute the instructions 1408. The term“processor” is intended to include multi-core processors that maycomprise two or more independent processors (sometimes referred to as“cores”) that may execute instructions contemporaneously. Although FIG.14 shows multiple processors 1402, the machine 1400 may include a singleprocessor with a single-core, a single processor with multiple cores(e.g., a multi-core processor), multiple processors with a single core,multiple processors with multiples cores, or any combination thereof.

The memory 1404 includes a main memory 1412, a static memory 1414, and astorage unit 1416, both accessible to the processors 1402 via the bus1440. The main memory 1404, the static memory 1414, and storage unit1416 store the instructions 1408 embodying any one or more of themethodologies or functions described herein. The instructions 1408 mayalso reside, completely or partially, within the main memory 1412,within the static memory 1414, within machine-readable medium 1418within the storage unit 1416, within at least one of the processors 1402(e.g., within the processor's cache memory), or any suitable combinationthereof, during execution thereof by the machine 1400.

The I/O components 1438 may include a wide variety of components toreceive input, provide output, produce output, transmit information,exchange information, capture measurements, and so on. The specific I/Ocomponents 1438 that are included in a particular machine will depend onthe type of machine. For example, portable machines such as mobilephones may include a touch input device or other such input mechanisms,while a headless server machine will likely not include such a touchinput device. It will be appreciated that the I/O components 1438 mayinclude many other components that are not shown in FIG. 14. In variousexamples, the I/O components 1438 may include user output components1424 and user input components 1426. The user output components 1424 mayinclude visual components (e.g., a display such as a plasma displaypanel (PDP), a light-emitting diode (LED) display, a liquid crystaldisplay (LCD), a projector, or a cathode ray tube (CRT)), acousticcomponents (e.g., speakers), haptic components (e.g., a vibratory motor,resistance mechanisms), other signal generators, and so forth. The userinput components 1426 may include alphanumeric input components (e.g., akeyboard, a touch screen configured to receive alphanumeric input, aphoto-optical keyboard, or other alphanumeric input components),point-based input components (e.g., a mouse, a touchpad, a trackball, ajoystick, a motion sensor, or another pointing instrument), tactileinput components (e.g., a physical button, a touch screen that provideslocation and force of touches or touch gestures, or other tactile inputcomponents), audio input components (e.g., a microphone), and the like.

In further examples, the I/O components 1438 may include biometriccomponents 1428, motion components 1430, environmental components 1432,or position components 1434, among a wide array of other components. Forexample, the biometric components 1428 include components to detectexpressions (e.g., band expressions, facial expressions, vocalexpressions, body gestures, or eye-tracking), measure biosignals (e.g.,blood pressure, heart rate, body temperature, perspiration, or brainwaves), identify a person (e.g., voice identification, retinalidentification, facial identification, fingerprint identification, orelectroencephalogram-based identification), and the like. The motioncomponents 1430 include acceleration sensor components (e.g.,accelerometer), gravitation sensor components, rotation sensorcomponents (e.g., gyroscope).

The environmental components 1432 include, for example, one or cameras(with still image/photograph and video capabilities), illuminationsensor components (e.g., photometer), temperature sensor components(e.g., one or more thermometers that detect ambient temperature),humidity sensor components, pressure sensor components (e.g.,barometer), acoustic sensor components (e.g., one or more microphonesthat detect background noise), proximity sensor components (e.g.,infrared sensors that detect nearby objects), gas sensors (e.g., gasdetection sensors to detection concentrations of hazardous gases forsafety or to measure pollutants in the atmosphere), or other componentsthat may provide indications, measurements, or signals corresponding toa surrounding physical environment.

With respect to cameras, the client device 102 may have a camera systemcomprising, for example, front cameras on a front surface of the clientdevice 102 and rear cameras on a rear surface of the client device 102.The front cameras may, for example, be used to capture still images andvideo of a user of the client device 102 (e.g., “selfies”), which maythen be augmented with augmentation data (e.g., filters) describedabove. The rear cameras may, for example, be used to capture stillimages and videos in a more traditional camera mode, with these imagessimilarly being augmented with augmentation data. In addition to frontand rear cameras, the client device 102 may also include a 360° camerafor capturing 360° photographs and videos.

Further, the camera system of a client device 102 may include dual rearcameras (e.g., a primary camera as well as a depth-sensing camera), oreven triple, quad or penta rear camera configurations on the front andrear sides of the client device 102. These multiple cameras systems mayinclude a wide camera, an ultra-wide camera, a telephoto camera, a macrocamera and a depth sensor, for example.

The position components 1434 include location sensor components (e.g., aGPS receiver component), altitude sensor components (e.g., altimeters orbarometers that detect air pressure from which altitude may be derived),orientation sensor components (e.g., magnetometers), and the like.

Communication may be implemented using a wide variety of technologies.The I/O components 1438 further include communication components 1436operable to couple the machine 1400 to a network 1420 or devices 1422via respective coupling or connections. For example, the communicationcomponents 1436 may include a network interface component or anothersuitable device to interface with the network 1420. In further examples,the communication components 1436 may include wired communicationcomponents, wireless communication components, cellular communicationcomponents, Near Field Communication (NFC) components, Bluetooth®components (e.g., Bluetooth® Low Energy), Wi-Fi® components, and othercommunication components to provide communication via other modalities.The devices 1422 may be another machine or any of a wide variety ofperipheral devices (e.g., a peripheral device coupled via a USB).

Moreover, the communication components 1436 may detect identifiers orinclude components operable to detect identifiers. For example, thecommunication components 1436 may include Radio Frequency Identification(RFID) tag reader components, NFC smart tag detection components,optical reader components (e.g., an optical sensor to detectone-dimensional bar codes such as Universal Product Code (UPC) bar code,multi-dimensional bar codes such as Quick Response (QR) code, Azteccode, Data Matrix, Dataglyph, MaxiCode, PDF417, Ultra Code, UCC RSS-2Dbar code, and other optical codes), or acoustic detection components(e.g., microphones to identify tagged audio signals). In addition, avariety of information may be derived via the communication components1436, such as location via Internet Protocol (IP) geolocation, locationvia Wi-Fi® signal triangulation, location via detecting an NFC beaconsignal that may indicate a particular location, and so forth.

The various memories (e.g., main memory 1412, static memory 1414, andmemory of the processors 1402) and storage unit 1416 may store one ormore sets of instructions and data structures (e.g., software) embodyingor used by any one or more of the methodologies or functions describedherein. These instructions (e.g., the instructions 1408), when executedby processors 1402, cause various operations to implement the disclosedexamples.

The instructions 1408 may be transmitted or received over the network1420, using a transmission medium, via a network interface device (e.g.,a network interface component included in the communication components1436) and using any one of several well-known transfer protocols (e.g.,hypertext transfer protocol (HTTP)). Similarly, the instructions 1408may be transmitted or received using a transmission medium via acoupling (e.g., a peer-to-peer coupling) to the devices 1422.

Software Architecture

FIG. 15 is a block diagram 1500 illustrating a software architecture1504, which can be installed on any one or more of the devices describedherein. The software architecture 1504 is supported by hardware such asa machine 1502 that includes processors 1520, memory 1526, and I/Ocomponents 1538. In this example, the software architecture 1504 can beconceptualized as a stack of layers, where each layer provides aparticular functionality. The software architecture 1504 includes layerssuch as an operating system 1512, libraries 1510, frameworks 1508, andapplications 1506. Operationally, the applications 1506 invoke API calls1550 through the software stack and receive messages 1552 in response tothe API calls 1550.

The operating system 1512 manages hardware resources and provides commonservices. The operating system 1512 includes, for example, a kernel1514, services 1516, and drivers 1522. The kernel 1514 acts as anabstraction layer between the hardware and the other software layers.For example, the kernel 1514 provides memory management, processormanagement (e.g., scheduling), component management, networking, andsecurity settings, among other functionality. The services 1516 canprovide other common services for the other software layers. The drivers1522 are responsible for controlling or interfacing with the underlyinghardware. For instance, the drivers 1522 can include display drivers,camera drivers, BLUETOOTH® or BLUETOOTH® Low Energy drivers, flashmemory drivers, serial communication drivers (e.g., USB drivers), WI-FI®drivers, audio drivers, power management drivers, and so forth.

The libraries 1510 provide a common low-level infrastructure used by theapplications 1506. The libraries 1510 can include system libraries 1518(e.g., C standard library) that provide functions such as memoryallocation functions, string manipulation functions, mathematicfunctions, and the like. In addition, the libraries 1510 can include APIlibraries 1524 such as media libraries (e.g., libraries to supportpresentation and manipulation of various media formats such as MovingPicture Experts Group-4 (MPEG4), Advanced Video Coding (H.264 or AVC),Moving Picture Experts Group Layer-3 (MP3), Advanced Audio Coding (AAC),Adaptive Multi-Rate (AMR) audio codec, Joint Photographic Experts Group(JPEG or JPG), or Portable Network Graphics (PNG)), graphics libraries(e.g., an OpenGL framework used to render in two dimensions (2D) andthree dimensions (3D) in a graphic content on a display), databaselibraries (e.g., SQLite to provide various relational databasefunctions), web libraries (e.g., WebKit to provide web browsingfunctionality), and the like. The libraries 1510 can also include a widevariety of other libraries 1528 to provide many other APIs to theapplications 1506.

The frameworks 1508 provide a common high-level infrastructure that isused by the applications 1506. For example, the frameworks 1508 providevarious graphical user interface (GUI) functions, high-level resourcemanagement, and high-level location services. The frameworks 1508 canprovide a broad spectrum of other APIs that can be used by theapplications 1506, some of which may be specific to a particularoperating system or platform.

In an example, the applications 1506 may include a home application1536, a contacts application 1530, a browser application 1532, a bookreader application 1534, a location application 1542, a mediaapplication 1544, a messaging application 1546, a game application 1548,and a broad assortment of other applications such as a third-partyapplication 1540. The applications 1506 are programs that executefunctions defined in the programs. Various programming languages can beemployed to create one or more of the applications 1506, structured in avariety of manners, such as object-oriented programming languages (e.g.,Objective-C, Java, or C++) or procedural programming languages (e.g., Cor assembly language). In a specific example, the third-partyapplication 1540 (e.g., an application developed using the ANDROID™ orIOS™ software development kit (SDK) by an entity other than the vendorof the particular platform) may be mobile software running on a mobileoperating system such as JOS™ ANDROID™, WINDOWS® Phone, or anothermobile operating system. In this example, the third-party application1540 can invoke the API calls 1550 provided by the operating system 1512to facilitate functionality described herein.

Processing Components

Turning now to FIG. 16, there is shown a diagrammatic representation ofa processing environment 1600, which includes a processor 1602, aprocessor 1606, and a processor 1608 (e.g., a GPU, CPU or combinationthereof).

The processor 1602 is shown to be coupled to a power source 1604, and toinclude (either permanently configured or temporarily instantiated)modules, namely a transaction data management component 1610 and an R/Wcomponent 1612. The transaction data management component 1610operationally manages and processes payment transactions across multipleplatforms or systems. The R/W component 1612 operationally manages dataread and write during the normal computer processing cycles to supportvarious functions as described above. As illustrated, the processor 1602is communicatively coupled to both the processor 1606 and the processor1608.

Glossary

“Carrier signal” refers to any intangible medium that is capable ofstoring, encoding, or carrying instructions for execution by themachine, and includes digital or analog communications signals or otherintangible media to facilitate communication of such instructions.Instructions may be transmitted or received over a network using atransmission medium via a network interface device.

“Client device” refers to any machine that interfaces to acommunications network to obtain resources from one or more serversystems or other client devices. A client device may be, but is notlimited to, a mobile phone, desktop computer, laptop, portable digitalassistants (PDAs), smartphones, tablets, ultrabooks, netbooks, laptops,multi-processor systems, microprocessor-based or programmable consumerelectronics, game consoles, set-top boxes, or any other communicationdevice that a user may use to access a network.

“Communication network” refers to one or more portions of a network thatmay be an ad hoc network, an intranet, an extranet, a virtual privatenetwork (VPN), a local area network (LAN), a wireless LAN (WLAN), a widearea network (WAN), a wireless WAN (WWAN), a metropolitan area network(MAN), the Internet, a portion of the Internet, a portion of the PublicSwitched Telephone Network (PSTN), a plain old telephone service (POTS)network, a cellular telephone network, a wireless network, a Wi-Fi®network, another type of network, or a combination of two or more suchnetworks. For example, a network or a portion of a network may include awireless or cellular network and the coupling may be a Code DivisionMultiple Access (CDMA) connection, a Global System for Mobilecommunications (GSM) connection, or other types of cellular or wirelesscoupling. In this example, the coupling may implement any of a varietyof types of data transfer technology, such as Single Carrier RadioTransmission Technology (1×RTT), Evolution-Data Optimized (EVDO)technology, General Packet Radio Service (GPRS) technology, EnhancedData rates for GSM Evolution (EDGE) technology, third GenerationPartnership Project (3GPP) including 3G, fourth generation wireless (4G)networks, Universal Mobile Telecommunications System (UMTS), High SpeedPacket Access (HSPA), Worldwide Interoperability for Microwave Access(WiMAX), Long Term Evolution (LTE) standard, others defined by variousstandard-setting organizations, other long-range protocols, or otherdata transfer technology.

“Component” refers to a device, physical entity, or logic havingboundaries defined by function or subroutine calls, branch points, APIs,or other technologies that provide for the partitioning ormodularization of particular processing or control functions. Componentsmay be combined via their interfaces with other components to carry outa machine process. A component may be a packaged functional hardwareunit designed for use with other components and a part of a program thatusually performs a particular function of related functions. Componentsmay constitute either software components (e.g., code embodied on amachine-readable medium) or hardware components. A “hardware component”is a tangible unit capable of performing certain operations and may beconfigured or arranged in a certain physical manner. In various exampleembodiments, one or more computer systems (e.g., a standalone computersystem, a client computer system, or a server computer system) or one ormore hardware components of a computer system (e.g., a processor or agroup of processors) may be configured by software (e.g., an applicationor application portion) as a hardware component that operates to performcertain operations as described herein. A hardware component may also beimplemented mechanically, electronically, or any suitable combinationthereof. For example, a hardware component may include dedicatedcircuitry or logic that is permanently configured to perform certainoperations. A hardware component may be a special-purpose processor,such as a field-programmable gate array (FPGA) or an applicationspecific integrated circuit (ASIC). A hardware component may alsoinclude programmable logic or circuitry that is temporarily configuredby software to perform certain operations. For example, a hardwarecomponent may include software executed by a general-purpose processoror other programmable processor. Once configured by such software,hardware components become specific machines (or specific components ofa machine) uniquely tailored to perform the configured functions and areno longer general-purpose processors. It will be appreciated that thedecision to implement a hardware component mechanically, in dedicatedand permanently configured circuitry, or in temporarily configuredcircuitry (e.g., configured by software), may be driven by cost and timeconsiderations. Accordingly, the phrase “hardware component” (or“hardware-implemented component”) should be understood to encompass atangible entity, be that an entity that is physically constructed,permanently configured (e.g., hardwired), or temporarily configured(e.g., programmed) to operate in a certain manner or to perform certainoperations described herein. Considering embodiments in which hardwarecomponents are temporarily configured (e.g., programmed), each of thehardware components need not be configured or instantiated at any oneinstance in time. For example, where a hardware component comprises ageneral-purpose processor configured by software to become aspecial-purpose processor, the general-purpose processor may beconfigured as respectively different special-purpose processors (e.g.,comprising different hardware components) at different times. Softwareaccordingly configures a particular processor or processors, forexample, to constitute a particular hardware component at one instanceof time and to constitute a different hardware component at a differentinstance of time. Hardware components can provide information to, andreceive information from, other hardware components. Accordingly, thedescribed hardware components may be regarded as being communicativelycoupled. Where multiple hardware components exist contemporaneously,communications may be achieved through signal transmission (e.g., overappropriate circuits and buses) between or among two or more of thehardware components. In embodiments in which multiple hardwarecomponents are configured or instantiated at different times,communications between such hardware components may be achieved, forexample, through the storage and retrieval of information in memorystructures to which the multiple hardware components have access. Forexample, one hardware component may perform an operation and store theoutput of that operation in a memory device to which it iscommunicatively coupled. A further hardware component may then, at alater time, access the memory device to retrieve and process the storedoutput. Hardware components may also initiate communications with inputor output devices, and can operate on a resource (e.g., a collection ofinformation). The various operations of example methods described hereinmay be performed, at least partially, by one or more processors that aretemporarily configured (e.g., by software) or permanently configured toperform the relevant operations. Whether temporarily or permanentlyconfigured, such processors may constitute processor-implementedcomponents that operate to perform one or more operations or functionsdescribed herein. As used herein, “processor-implemented component”refers to a hardware component implemented using one or more processors.Similarly, the methods described herein may be at least partiallyprocessor-implemented, with a particular processor or processors beingan example of hardware. For example, at least some of the operations ofa method may be performed by one or more processors 1606 orprocessor-implemented components. Moreover, the one or more processorsmay also operate to support performance of the relevant operations in a“cloud computing” environment or as a “software as a service” (SaaS).For example, at least some of the operations may be performed by a groupof computers (as examples of machines including processors), with theseoperations being accessible via a network (e.g., the Internet) and viaone or more appropriate interfaces (e.g., an API). The performance ofcertain of the operations may be distributed among the processors, notonly residing within a single machine, but deployed across a number ofmachines. In some example embodiments, the processors orprocessor-implemented components may be located in a single geographiclocation (e.g., within a home environment, an office environment, or aserver farm). In other example embodiments, the processors orprocessor-implemented components may be distributed across a number ofgeographic locations.

“Computer-readable storage medium” refers to both machine-storage mediaand transmission media. Thus, the terms include both storagedevices/media and carrier waves/modulated data signals. The terms“machine-readable medium,” “computer-readable medium” and“device-readable medium” mean the same thing and may be usedinterchangeably in this disclosure.

“Ephemeral message” refers to a message that is accessible for atime-limited duration. An ephemeral message may be a text, an image, avideo and the like. The access time for the ephemeral message may be setby the message sender. Alternatively, the access time may be a defaultsetting or a setting specified by the recipient. Regardless of thesetting technique, the message is transitory.

“Machine storage medium” refers to a single or multiple storage devicesand media (e.g., a centralized or distributed database, and associatedcaches and servers) that store executable instructions, routines anddata. The term shall accordingly be taken to include, but not be limitedto, solid-state memories, and optical and magnetic media, includingmemory internal or external to processors. Specific examples ofmachine-storage media, computer-storage media and device-storage mediainclude non-volatile memory, including by way of example semiconductormemory devices, e.g., erasable programmable read-only memory (EPROM),electrically erasable programmable read-only memory (EEPROM), FPGA, andflash memory devices; magnetic disks such as internal hard disks andremovable disks; magneto-optical disks; and CD-ROM and DVD-ROM disks Theterms “machine-storage medium,” “device-storage medium,”“computer-storage medium” mean the same thing and may be usedinterchangeably in this disclosure. The terms “machine-storage media,”“computer-storage media,” and “device-storage media” specificallyexclude carrier waves, modulated data signals, and other such media, atleast some of which are covered under the term “signal medium.”

“Non-transitory computer-readable storage medium” refers to a tangiblemedium that is capable of storing, encoding, or carrying theinstructions for execution by a machine.

“Signal medium” refers to any intangible medium that is capable ofstoring, encoding, or carrying the instructions for execution by amachine and includes digital or analog communications signals or otherintangible media to facilitate communication of software or data. Theterm “signal medium” shall be taken to include any form of a modulateddata signal, carrier wave, and so forth. The term “modulated datasignal” means a signal that has one or more of its characteristics setor changed in such a matter as to encode information in the signal. Theterms “transmission medium” and “signal medium” mean the same thing andmay be used interchangeably in this disclosure.

What is claimed is:
 1. A method comprising: receiving, by a messaging application implemented on a client device, from a web-based external resource, a request to process a transaction; identifying, by the messaging application, transactional data based on the request, the transactional data corresponding to a user profile associated with the client device in an entity graph; determining a first desensitized data item associated with the user profile being included in the transactional data; providing for display, within a user interface of the web-based external resource, a first user interface of the messaging application including a first user-selectable element corresponding to a completion of the transaction; receiving, by the messaging application, an indication of user selection of the first user-selectable element; and transmitting the transactional data to a secured processor.
 2. The method of claim 1, further comprising: upon determining that the web-based external resource is registered with the secured processor, causing the secured processor to generate reference metadata associated with the first desensitized data item; receiving, from the secured processor, a second desensitized data item corresponding to the first desensitized data item; and transmitting the second desensitized data item in conjunction with the transactional data to the secured processor.
 3. The method of claim 1, further comprising: upon determining that the web-based external resource is unregistered with the secured processor, causing the secured processor to generate a single-use data item; receiving a second desensitized data item corresponding to the single-use data item; and transmitting the second desensitized data item in conjunction with the transactional data to the secured processor.
 4. The method of claim 3, wherein the single-use data item includes a last four digits of a transaction instrument identifier associated with the first desensitized data item.
 5. The method of claim 1, further comprising: receiving an indication of a receipt of a transaction status from the secured processor or the web-based external resource; determining the transaction status corresponding to an incomplete transaction; and providing for display of a second user-selectable element corresponding to the incomplete transaction.
 6. The method of claim 1, further comprising: receiving an indication of a receipt of a transaction status from the secured processor or the web-based external resource; determining the transaction status corresponding to a complete transaction; and providing for display of a third user interface element corresponding to the complete transaction.
 7. The method of claim 6, further comprising: upon receiving the indication of the receipt of the transaction status corresponding to the complete transaction, causing the web-based external resource to finalize the transaction.
 8. The method of claim 1, further comprising: generating a plurality of data entry elements, the plurality of data entry elements including a first set of data entry elements for receiving sensitive data items; and providing for display of a second user interface at least including the first set of data entry elements.
 9. The method of claim 8, further comprising: receiving user input of the sensitive data items via the first set of data entry elements; transmitting, by the messaging application, the sensitive data items to the secured processor; and receiving the first desensitized data item representing the sensitive data items.
 10. The method of claim 8, wherein the plurality of data entry elements includes a second set of data entry elements for receiving shipping data.
 11. The method of claim 10, further comprising: determining a completion of the transaction requiring an electronic delivery method; and withholding a display of the second set of data entry elements from the second user interface in response to determining the completion of the transaction requiring the electronic delivery method.
 12. The method of claim 1, further comprising: identifying a plurality of desensitized data items associated with the user profile; determining a most recent desensitized data item generated by the secured processor or being involved in a previous transaction, and associating the most recent desensitized data item with the transactional data to be transmitted to the secured processor.
 13. The method of claim 12, wherein the most recent desensitized data item is the first desensitized data item.
 14. The method of claim 1, wherein the indication of user selection of the first user-selectable element includes a user-directed relocation of a second user interface icon included in the first user-selectable element.
 15. A system comprising: one or more processors; and a non-transitory computer readable storage medium comprising instructions that when executed by the one or more processors cause the one or more processors to perform operations comprising: receiving, by a messaging application implemented on a client device, from a web-based external resource, a request to process a transaction; identifying, by the messaging application, transactional data based on the request, the transactional data corresponding to a user profile associated with the client device in an entity graph; determining a first desensitized data item associated with the user profile being included in the transactional data; providing for display, within a user interface of the web-based external resource, a first user interface of the messaging application including a first user-selectable element corresponding to a completion of the transaction; receiving, by the messaging application, an indication of user selection of the first user-selectable element; and transmitting the transactional data to a secured processor.
 16. The system of claim 15, wherein the one or more processors further perform operations comprising: upon determining that the web-based external resource is registered with the secured processor, causing the secured processor to generate reference metadata associated with the first desensitized data item; receiving, from the secured processor, a second desensitized data item corresponding to the first desensitized data item; and transmitting the second desensitized data item in conjunction with the transactional data to the secured processor.
 17. The system of claim 15, wherein the one or more processors further perform operations comprising: upon determining that the web-based external resource is unregistered with the secured processor, causing the secured processor to generate a single-use data item; receiving a second desensitized data item corresponding to the single-use data item; and transmitting the second desensitized data item in conjunction with the transactional data to the secured processor.
 18. The system of claim 17, wherein the single-use data item comprises a last four digits of a transaction instrument identifier associated with the first desensitized data item.
 19. The system of claim 15, wherein the one or more processors further perform operations comprising: receiving an indication of a receipt of a transaction status from the secured processor or the web-based external resource; determining the transaction status corresponding to a complete transaction; and providing for display of a third user interface element corresponding to the complete transaction.
 20. A machine-readable non-transitory storage medium having instruction data executable by a machine to cause the machine to perform operations comprising: receiving, by a messaging application implemented on a client device, from a web-based external resource, a request to process a transaction; identifying, by the messaging application, transactional data based on the request, the transactional data corresponding to a user profile associated with the client device in an entity graph; determining a first desensitized data item associated with the user profile being included in the transactional data; providing for display, within a user interface of the web-based external resource, a first user interface of the messaging application including a first user-selectable element corresponding to a completion of the transaction; receiving, by the messaging application, an indication of user selection of the first user-selectable element; and transmitting the transactional data to a secured processor. 